summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-02Fix up multipath docker indentationMichele Baldessari1-5/+5
Deploying a multipathd container gives the following error: failed: [localhost] (item={'key': u'config_files', 'value': [{u'dest': u'/', u'merge': True, u'source': u'/var/lib/kolla/config_files/src-iscsid/*', u'preserve_properties': True}]}) => {\"checksum\": \"72ad81489381571c5043b7613f6828b06ae364bd\", \"failed\": true, \"item\": {\"key\": \"config_files\", \"value\": [{\"dest\": \"/\", \"merge\": true, \"preserve_properties\": true, \"source\": \"/var/lib/kolla/config_files/src-iscsid/*\"}]}, \"msg\": \"Destination directory does not exist\"} The reason is the wrong indentation of the config_files key in the multipath docker service. Change-Id: I0e1fbb9eb188a903994b9e5da90ab4a6fb81f00a Closes-Bug: #1708129
2017-08-02Merge "Fix iscsid role data's section"Jenkins1-1/+1
2017-08-02Merge "Fix network-isolation.j2.yaml to ignore VIPs for disabled networks"Jenkins1-1/+1
2017-08-02Merge "Remove empty metadata_settings from iscsid and multipathd templates"Jenkins2-2/+0
2017-08-02Merge "Adds stop and disable for libvirtd on upgrade to containers"Jenkins1-0/+4
2017-08-01Merge "Generate MySQL client config if service requires database"Jenkins44-116/+359
2017-08-01Merge "Add missing metadata_settings from docker services"Jenkins3-0/+6
2017-08-01Adds stop and disable for libvirtd on upgrade to containersmarios1-0/+4
Adds this into the tripleo_upgrade_node.sh executed by the operator for the major upgrade see the bug for more info Change-Id: Ic54b48b149594e8ea08e95152111bcdaf7b252b7 Closes-Bug: 1707926
2017-08-01Remove empty metadata_settings from iscsid and multipathd templatesJuan Antonio Osorio Robles2-2/+0
metadata_settings is meant to have a specific format or be completely absent. Unfortunately the hook [1] doesn't an empty value for this. So we remove it as an easy fix before figuring out how to add such a functionality to the hook. [1] https://github.com/openstack/tripleo-heat-templates/blob/master/extraconfig/nova_metadata/krb-service-principals.yaml Co-Authored-By: Thomas Herve <therve@redhat.com> Change-Id: Ieac62a8076e421b5c4843a3cbe1c8fa9e3825b38
2017-07-31Merge "Enable Dpdk after rebooting with Hugepages for OvS2.7"Jenkins2-35/+58
2017-07-31Merge "Fix creation of iptables rules for non-HA containerized HAproxy"Jenkins2-2/+39
2017-07-31Add missing metadata_settings from docker servicesJuan Antonio Osorio Robles3-0/+6
These are needed for the TLS everywhere bits. Change-Id: I81fcf453fc1aaa2545e0ed24013f0f13b240a102
2017-07-31Merge "Add 'ovn-controller' service"Jenkins12-15/+54
2017-07-31Enable Dpdk after rebooting with Hugepages for OvS2.7Saravanan KR2-35/+58
With OvS2.7, DPDK is initialized immediately after setting dpdk-init flag. DPDK requires hugepages configuration to be available on kernel args with a reboot. This patch reboots the node after applying the kernel args. And once the node is rebooted, DPDK will be enabled and then the deployment continues. Change-Id: Ide442e09c2bea56a38399247de588e63b4272326
2017-07-29Merge "add lbaasv2 to NeutronServicePlugins in octavia containers"Jenkins1-0/+5
2017-07-28Merge "Also log docker-puppet.py puppet output to console"Jenkins1-1/+1
2017-07-28Merge "Enable Zaqar API SSL"Jenkins2-1/+20
2017-07-28Also log docker-puppet.py puppet output to consoleBogdan Dobrelya1-1/+1
Running puppet apply with --logdest syslog results in all the output being redirected to syslog. You get no error messages. In the case where this fails, the subsequent debug task shows nothing useful as there was no stdout/stderr. Also pass --logdest console to docker-puppet's puppet apply so that we get the output for the debug task. Related-Bug: #1707030 Change-Id: I67df5eee9916237420ca646a16e188f26c828c0e Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2017-07-28Merge "Consistent hostname format env for split-stack"Jenkins3-15/+5
2017-07-27Add 'ovn-controller' serviceNuman Siddique12-15/+54
Presently the ovn-controller service (puppet/services/neutron-compute-plugin-ovn.yaml) is started only on compute nodes. But for the cases where the controller nodes provide the north/south traffic, we need ovn-controller service runninng in controller nodes as well. This patch - Renames the neutron-compute-plugin-ovn.yaml to ovn-controller.yaml which makes more sense and sets the service name as 'ovn-controller'. - Adds the service 'ovn-controller' to Controller and Compute roles. - Adds the missing 'upgrade_tasks' section in ovn-dbs.yaml and ovn-controller.yaml Depends-On: Ie3f09dc70a582f3d14de093043e232820f837bc3 Depends-On: Ide11569d81f5f28bafccc168b624be505174fc53 Change-Id: Ib7747406213d18fd65b86820c1f86ee7c39f7cf5
2017-07-27Also log puppet output to consoleJames Slagle1-1/+1
Running puppet apply with --logdest syslog results in all the output being redirected to syslog. You get no error messages. In the case where this ansible task fails, the subsequent debug task shows nothing useful as there was no stdout/stderr. Also pass --logdest console to puppet apply so that we get the output for the debug task. My local testing showed that when specifying logdest twice, both values were honored, and the output went to syslog and the console. Change-Id: Id5212b3ed27b6299e33e81ecf71ead554f9bdd29 Closes-Bug: #1707030
2017-07-27Generate MySQL client config if service requires databaseDamien Ciabrini44-116/+359
Services that access database have to read an extra MySQL configuration file /etc/my.cnf.d/tripleo.cnf which holds client-only settings, like client bind address and SSL configuration. The configuration file is thus used by containerized services, but also by non-containerized services that still run on the host. In order to generate that client configuration file appropriately both on the host and for containers, 1) the MySQLClient service must be included by the role; 2) every containerized service which uses the database must include the mysql::client profile in the docker-puppet config generation step. By including the mysql::client profile in each containerized service, we ensure that any change in configuration file will be reflected in the service's /var/lib/config-data/{service}, and that paunch will restart the service's container automatically. We now only rely on MySQLClient from puppet/services, to make it possible to generate /etc/my.cnf.d/tripleo.cnf on the host, and to set the hiera keys that drive the generation of that config file in containers via docker-puppet. We include a new YAML validation step to ensure that any service which depends on MySQL will initialize the mysql::client profile during the docker-puppet step. Change-Id: I0dab1dc9caef1e749f1c42cfefeba179caebc8d7
2017-07-27Fix iscsid role data's sectionDamien Ciabrini1-1/+1
The iscsid service definition has a typo, config_setting should read config_settings Change-Id: I12605dba61fd5f6ce80c3ab78e883ed5ebf3ca62
2017-07-27Merge "Add PCI to nova compute container for passthrough support"Jenkins1-0/+2
2017-07-27Merge "Enable libvirtd_config puppet tag in nova-libvirtd docker service"Jenkins1-1/+1
2017-07-27Enable Zaqar API SSLThomas Herve2-1/+20
This sets the SSL flag in the docker service and expose the parameter in the docker service. Depends-On: I4c68a662c2433398249f770ac50ba0791449fe71 Change-Id: Ic3df2b9ab7432ffbed5434943e04085a781774a0
2017-07-27Merge "Deploy Ceph in containers using ceph-ansible via external workflow"Jenkins7-0/+453
2017-07-27Merge "Make collectd run as root inside the container"Jenkins1-1/+3
2017-07-27Merge "Adding Tuned Service"Jenkins19-3/+75
2017-07-26Merge "aodh: add gnocchi_external_project_owner config"Jenkins1-0/+5
2017-07-26Merge "Fix enable-ceph sample environment"Jenkins3-0/+12
2017-07-26Deploy Ceph in containers using ceph-ansible via external workflowGiulio Fidente7-0/+453
Add docker profiles to deploy Ceph in containers via ceph-ansible. This is implemented by triggering a Mistral workflow during one of the overcloud deployment steps, as provided by [1]. Some new service-specific parameters are available to determine the workflow to execute and the ansible playbook to use. A new `CephAnsibleExtraConfig` parameter can be used to provide arbitrary config variables consumed by `ceph-ansible`. The pre-existing template params consumed up until the Pike release to drive `puppet-ceph` continue to work and are translated, when possible, into the equivalent `ceph-ansible` variable. A new environment file is added to enable use of ceph-ansible; the pre-existing puppet-ceph implementation remains unchanged and usable for non-containerized deployments. 1. https://review.openstack.org/#/c/463324/ Change-Id: I81d44a1e198c83a4ef8b109b4eb6c611555dcdc5
2017-07-26Merge "Provides Ceph config into OpenStack clients"Jenkins7-20/+59
2017-07-26Merge "Stop Heat WSGI services on docker upgrade"Jenkins3-5/+39
2017-07-26Merge "Ps Cinder: Added support for password less login"Jenkins3-0/+9
2017-07-26Fix enable-ceph sample environmentBen Nemec3-0/+12
The necessary resource registry entries were missing from this env and the old environment was not deprecated. Change-Id: I6a9b148514fc5da1f96b9fd7fe09f564c2f82419
2017-07-26Merge "Replace outdated instruction with link to upstream doc"Jenkins1-57/+2
2017-07-26Merge "Add parameters for Veritas HyperScale distributed setup."Jenkins2-2/+45
2017-07-26Merge "Open up firewall for the control-ports in the bundles"Jenkins3-1/+26
2017-07-26Merge "Add NodeTLSData to generic role.role.j2.yaml"Jenkins1-2/+29
2017-07-26Merge "Make various password descriptions consistent"Jenkins17-22/+18
2017-07-26Merge "Stop also openstack-swift-object-expirer when upgrading swift services"Jenkins2-0/+2
2017-07-26Merge "Contrail network realignement + DPDK enablement"Jenkins29-2823/+847
2017-07-26Merge "Add keystone cron container to run token_flush"Jenkins1-0/+26
2017-07-26Merge "nova_api_cron docker fix: add /var/spool/cron/nova"Jenkins1-4/+20
2017-07-26Merge "Add containerized manila-share to CI"Jenkins1-2/+1
2017-07-26Fix creation of iptables rules for non-HA containerized HAproxyDamien Ciabrini2-2/+39
The introduction of I90253412a5e2cd8e56e74cce3548064c06d022b1 broke the HAproxy service due to some HAproxy-specific iptables rules being executed during the puppet config step. Ensure that no iptables call is performed during the generation of configuration files. Move those calls to step 1, as implemented in the pacemaker-based HAproxy service (Ib5a083ba3299a82645f1a0f9da0d482c6b89ee23). Depends-On: I2d6274d061039a9793ad162ed8e750bd87bf71e9 Closes-Bug: #1697921 Change-Id: Ica3a432ff4a9e7a46df22cddba9ad96e1390b665
2017-07-25Add NodeTLSData to generic role.role.j2.yamlSteven Hardy1-2/+29
This is currently included in the controller-role template, so we need to add it to the generic role.role.j2.yaml in order to convert the controller-role template to be rendered via j2 Change-Id: I01bf01c8a31e4cc26f202dd1774845ec33f50bcd Partially-Implements: blueprint composable-networks
2017-07-25Merge "Add cinder cron container to run db purge"Jenkins1-0/+26
2017-07-25Provides Ceph config into OpenStack clientsGiulio Fidente7-20/+59
Given ceph-ansible or puppet-ceph will have created the Ceph config files and keyrings in /etc/ceph on baremetal, this change copies into the OpenStack containers the necessary files for the services to be able to connect to the Ceph cluster. Change-Id: Ibc9964902637429209d4e1c1563b462c60090365